Days Locker Ransomware
Among the additions to the growing list of ransomware strains is "Days Locker," which has gained notoriety for its encrypting tactics and ransom demands.
Table of Contents
The Days Locker Ransomware
Days Locker is a strain of ransomware that encrypts a victim's files and adds a distinct ".Daysv3" extension to the filenames. While the specific delivery methods of Days Locker are still under investigation, it is likely to be spread through phishing emails, unsafe attachments, or compromised software downloads. Once it infiltrates a system, it quickly encrypts the victim's files, rendering them inaccessible.
Ransom Note Presentation
What sets Days Locker apart from other ransomware strains is its unique method of delivering ransom demands. Instead of leaving a ransom note as a text file within the encrypted folders, Days Locker presents its ransom message directly in a pop-up window on the victim's screen. This approach can be particularly alarming for victims, as it immediately captures their attention and instills a sense of urgency.
Ransom Demands
Days Locker typically demands a ransom payment of $345 worth of Bitcoin (BTC) in exchange for the decryption key. The use of cryptocurrency as a means of payment is a common tactic among ransomware operators, as it provides a degree of anonymity and is not easily traceable.
Cryptocurrency Wallet Addresses
To facilitate the payment process, Days Locker provides two cryptocurrency wallet addresses where victims are instructed to send their ransom payments. The provided Bitcoin wallet addresses are as follows:
- 1AhsY7rEJ82D3vAyrAPQakK6nUcE3UUTH6
- 141CDbzB3erxeqLYxXeZivGGzqs6eXKUAk
It is essential to note that the payment of the ransom does not means that the attackers will provide the decryption key, and victims are strongly discouraged from complying with their demands.
Contact Information
In addition to the cryptocurrency wallet addresses, Days Locker provides an email address for victims to contact the ransomware operators. The contact email address is:
- Email: nowil24701@armablog.com
Cybersecurity experts and law enforcement agencies universally advise against contacting or negotiating with ransomware operators. Engaging with them may not only result in financial losses but also embolden cybercriminals to continue their illicit activities.
The Days Locker Ransomware represents a concerning addition to the ever-growing arsenal of ransomware strains. Its unique pop-up ransom note and cryptocurrency payment demands make it a distinctive and damaging threat to individuals and organizations alike. As ransomware attacks continue to evolve, it is imperative that individuals and businesses prioritize cybersecurity measures such as regular backups, up-to-date software, and employee education to mitigate the risks associated with these harmful attacks. Furthermore, cooperation with law enforcement agencies and cybersecurity professionals is crucial in combating the threat of ransomware and bringing cybercriminals to justice.
The Days Locker Ransomware ransom note reads:
'Days Locker V3.0
YOUR FILES HAVE BEEN ENCRYPTED!
Hello, all your files have been encrypted by Days Locker V3.0
Created By MODEREN DAYS
All your files have also been stolen along with your personal information on your computer
what is encryption?
: Encryption mean you files has Locked so you cant open or use you files again
But Don't worry, we can select your files again, but you have to prepare 345 dollars
Send 345 Dollar to here: 1AhsY7rEJ82D3vAyrAPQakK6nUcE3UUTH6
After Pay You Can Contact us on email or we contact you
We Email: nowil24701@armablog.com
WALLET ADDRESS: 141CDbzB3erxeqLYxXeZivGGzqs6eXKUAk
BITCOIN FEE: 0.0897'
